Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update the default value of the bearer_token parameter to send the bearer token only to secure https endpoints by default #10709

Merged
merged 2 commits into from Dec 29, 2021

Conversation

L3n41c
Copy link
Member

@L3n41c L3n41c commented Nov 23, 2021

What does this PR do?

Change the default behaviour of the auto-configuration of the kube_scheduler check.
By default, when trying all the possible endpoints, the bearer token will be sent only to secure https endpoints.

Motivation

Make the check work out of the box without leaking the token on an insecure connection on both clusters where only the insecure http endpoint is available and on clusters where only the secure https endpoint is available.

Additional Notes

Leverages #10706

Review checklist (to be filled by reviewers)

  • Feature or bugfix MUST have appropriate tests (unit, integration, e2e)
  • PR title must be written as a CHANGELOG entry (see why)
  • Files changes must correspond to the primary purpose of the PR as described in the title (small unrelated changes should have their own PR)
  • PR must have changelog/ and integration/ labels attached

@github-actions
Copy link

The validations job has failed; please review the Files changed tab for possible suggestions to resolve.

@L3n41c L3n41c force-pushed the lenaic/auto_bearer_kube_scheduler branch from 160a50e to b52a42d Compare November 23, 2021 13:02
@github-actions
Copy link

The validations job has failed; please review the Files changed tab for possible suggestions to resolve.

to send the bearer token only to secure https endpoints and not to clear text http endpoints.
@L3n41c L3n41c force-pushed the lenaic/auto_bearer_kube_scheduler branch from b52a42d to c1e77d0 Compare December 1, 2021 13:16
@codecov
Copy link

codecov bot commented Dec 1, 2021

Codecov Report

Merging #10709 (02b5660) into master (cd2c541) will not change coverage.
The diff coverage is n/a.

Flag Coverage Δ
kube_scheduler 96.20% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

@github-actions
Copy link

The validations job has failed; please review the Files changed tab for possible suggestions to resolve.

@L3n41c L3n41c force-pushed the lenaic/auto_bearer_kube_scheduler branch from bd65227 to 02b5660 Compare December 27, 2021 12:38
@L3n41c L3n41c requested a review from ofek December 27, 2021 12:39
@L3n41c
Copy link
Member Author

L3n41c commented Dec 27, 2021

/azp run PR Changes

@azure-pipelines
Copy link

Commenter does not have sufficient privileges for PR 10709 in repo DataDog/integrations-core

@L3n41c
Copy link
Member Author

L3n41c commented Dec 27, 2021

/azp run PR Changes

@azure-pipelines
Copy link

Azure Pipelines failed to run 1 pipeline(s).

@L3n41c
Copy link
Member Author

L3n41c commented Dec 27, 2021

/azp run PR Changes

1 similar comment
@L3n41c
Copy link
Member Author

L3n41c commented Dec 28, 2021

/azp run PR Changes

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

@L3n41c L3n41c merged commit 8eea1c0 into master Dec 29, 2021
@L3n41c L3n41c deleted the lenaic/auto_bearer_kube_scheduler branch December 29, 2021 07:47
cswatt pushed a commit that referenced this pull request Jan 5, 2022
…bearer token only to secure https endpoints by default (#10709)

to send the bearer token only to secure https endpoints and not to clear text http endpoints.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants